This year’s HIMSS24 is turning the spotlight to an issue of increasing importance – cybersecurity – with the daylong Healthcare Cybersecurity Forum on Monday, March 11, hosted by Erik Decker, chief information security officer at Intermountain Health.
Recent headlines about the major disruptions caused by the Change Healthcare cyberattack, described by the American Hospital Association as a “threat-to-life crime,” show the stakes.
Add to the already fraught threat landscape, new areas of vulnerability – such as the integration of telehealth and remote care’s integration into more health systems’ offerings, and it’s clear that cybersecurity risks are at an all-time high.
Especially given the new patient safety threats of compromised critical infrastructure and hacked medical devices, and it’s essential that hospitals and other health organizations continually update their strategies and invest new resources to innovate their systems and stay ahead of evolving threats.
The Healthcare Cybersecurity Forum, which comprises a dozen individual lectures and panel discussions with thought leaders across in the industry, offers key insights to help toward those goals. Sessions on March 11 will touch on topics from safeguarding patient data to evolving regulations for medical technology product security.
Other topics shine a spotlight on the need for cybersecurity in technologies including telehealth, remote monitoring and wearables, all aimed at promoting patient-centric care.
Forum attendees will gain insights into industry leaders’ efforts to secure healthcare’s expanding digital landscape, ensuring data security within and beyond healthcare facilities.
One of the highlights is sure to be the focus on ensuring cybersecurity responsibilities are shared across an entire organization: The five-person panel, moderated by Richard Staynings, chief security strategist at Cylera, will discuss the significance of a collective commitment to cybersecurity.
As cybersecurity extends beyond technical measures, it demands a shared responsibility across all levels of an organization – from leadership to newcomers.
This session will offer insights into fostering a collective commitment to online safety within your institution and explore how leadership can set the tone and ensure that everyone understands their role in the security landscape.
Attendees will leave with actionable steps to enhance cybersecurity standards organization-wide and strategies to ensure all team members grasp their responsibilities, which will ultimately improve security standards.
Jason Cook, AVP sales engineering of Rubrick’s worldwide global partner organization and the company’s global field chief security officer/CISO John Murphy will focus their session on the issue of safeguarding patient data and will explore best practices for resilience in healthcare IT and security while navigating the industry’s unique challenges.
The back-to-back sessions, “Securing the Modern Connected Hospital: IoT, IoMT, and OT” and “MedTech Product Security: Navigating Evolving Global Regulations,” will focus on the ever-expanding landscape of connected medical devices and operational technology, and give attendees a closer look at the need for medical device security among evolving regulations.
As regulatory directives and cooperative efforts across the supply chain begin to play a more pivotal role in enhancing medical device cybersecurity, these sessions will evaluate those roles and provide insights into practical measures for addressing medical device security challenges and how to build advocacy with executive leadership.
As healthcare organizations come under sustained fire from malicious actors and fend off multiplying cyberattacks, Troy Ament, healthcare industry leader at Palo Alto Networks, will focus his session on best practices for developing an incident response plan and facilitating comprehensive enterprise-wide tabletop exercises.
Attendees will explore how hospital emergency management can collaborate effectively with information technology and cybersecurity teams to ensure seamless coordination during crises.
The discussion will also address common blind spots in real-time events and strategies to mitigate them and delve into the role of partners in enhancing organizational protection, as well as offer guidance on evaluating the effectiveness of these resources.
HIMSS24 is scheduled to take place March 11-15 in Orlando. Learn more and register.
Nathan Eddy is a healthcare and technology freelancer based in Berlin.
Email the writer: nathaneddy@gmail.com
Twitter: @dropdeaded209